Script to antivirus scan / quarantine completed download

Discussion of Transmission that doesn't fit in the other categories
Post Reply
vmi
Posts: 2
Joined: Tue Feb 11, 2014 10:25 am

Script to antivirus scan / quarantine completed download

Post by vmi »

This is a script to scan / quarantine completed downloads using ClamAV
It's a modified version of another script I found.
  • Completed downloads are automatically scanned and moved to a specified folder in case a virus was detected.
  • Moved files are replaced with a log file of the same name and errors are also logged to syslog via logger

Code: Select all

#!/bin/bash
#####
# This script scans completed Transmission downloads for viruses using ClamAV
# ClamAV: http://www.clamav.net
# Transmission BitTorrent: https://trac.transmissionbt.com/wiki/Scripts
#
# To use:
#	* Set script as executable : chmod +x clam-transmission.sh
#	* Edit transmission settings (settings.json) and set the following:
#		script-torrent-done-enabled: true,
#		script-torrent-done-filename: /path/to/script/clam-transmission.sh,	
#	* Set variables below according to comments
#
# Thanks -- borrowed heavily from https://gist.github.com/bulljit/1087570
#####

### Set below vars to match your settings. ###

## ClamAV settings ##
# Existing dir to copy infected files
QUARANTINE=/PATH/TO/QUARANTINE/DIR

## Transmission daemon settings ##
HOST=localhost
PORT=9091
USER=YOUR_USER_NAME
PASS=YOUR_PASSWORD 

function clean_up {
	rm $FILE_LIST
	rm $AV_LOG
}
trap clean_up EXIT

# Obtain a list of files for the completed torrent
FILE_LIST=$(mktemp)
AV_LOG=$(mktemp)
FILES=$(transmission-remote $HOST:$PORT --auth=$USER:$PASS -t $TR_TORRENT_ID -S -f | tail -n +4 | cut -c 35-)
echo "$FILES" > "$FILE_LIST"

# Scan list of files and move infected files to quarantine
cd "$TR_TORRENT_DIR/"
clamscan -vf $FILE_LIST --move=$QUARANTINE -l $AV_LOG
AV_RET=$?
echo -e "\n\n----------- LIST OF FILES -----------\n$FILES" >> $AV_LOG

# Take appropriate action
case $AV_RET in
0)
	# No virus found.
	# Doing nothing, leaving placeholder.
	;;
1)
	# Virus was found
	cat "$AV_LOG" > "$TR_TORRENT_DIR/INFECTED_$TR_TORRENT_NAME.log"
	logger -p auth.warn -t VIRUS FOUND "A virus was detected in $TR_TORRENT_NAME"
	;;
2)
	# Error occurred while scanning
	cat "$AV_LOG" > "$TR_TORRENT_DIR/SCAN_ERROR_$TR_TORRENT_NAME.log"
	logger -p auth.err -t transmission-clamav "An error occurred while scanning $TR_TORRENT_NAME"
	;;
*)
	# Unknown error
	cat "$AV_LOG" > "$TR_TORRENT_DIR/UNKNOWN_ERROR_$TR_TORRENT_NAME.log"
	echo -e "\nUnknown return value : $AV_RET" >> "$TR_TORRENT_DIR/UNKNOWN_ERROR_$TR_TORRENT_NAME.log"
	logger -p auth.err -t transmission-clamav "Unknown return value from scanning $TR_TORRENT_NAME : $AV_RET"
	;;
esac
exit 0
Top
Post Reply

Return to “General”